Support Post link can be bypassed on quoted message

T

todo10

Licensed
Licensed
Disallow Links
Joined
Oct 10, 2020
Messages
6
Reaction score
2
A member with no permissions to post links was able to bypass the filter by inserting the link in the quote:

Code: 
[QUOTE="Mandy Onderwater, post: 31475, member: 3896"]
Ahh, this is a topic I sadly don't know anything about. We always hired a professional (or asked experienced neighbours for help). Our house always had roof tiles though, and that's something we did ourselves. We kept a stack of spare tiles behind the shed [URL='https://liferaplumbing.ca/plumber-vancouver/'][COLOR=rgb(0, 0, 0)]learn more[/COLOR][/URL], for anytime one broke and/or fell during storms. Especially as they stopped making that particular type, haha.

Something people also forget to consider is; do you still feel safe (and/or fit enough) to go on a ladder and onto your roof. If the potential harm is not worth it to you, definitely hire someone.

It sounds like an "easy" job. But just because it [I]sounds[/I] easy, doesn't mean it [I]is [/I]easy.
[/QUOTE]
also thank you for your suggestion
 
Last edited:
Sort by date Sort by votes
Hello

todo10 said:
A member with no permissions to post links was able to bypass the filter by inserting the link in the quote:

Code: 
[QUOTE="Mandy Onderwater, post: 31475, member: 3896"]
Ahh, this is a topic I sadly don't know anything about. We always hired a professional (or asked experienced neighbours for help). Our house always had roof tiles though, and that's something we did ourselves. We kept a stack of spare tiles behind the shed [URL='https://liferaplumbing.ca/plumber-vancouver/'][COLOR=rgb(0, 0, 0)]learn more[/COLOR][/URL], for anytime one broke and/or fell during storms. Especially as they stopped making that particular type, haha.

Something people also forget to consider is; do you still feel safe (and/or fit enough) to go on a ladder and onto your roof. If the potential harm is not worth it to you, definitely hire someone.

It sounds like an "easy" job. But just because it [I]sounds[/I] easy, doesn't mean it [I]is [/I]easy.
[/QUOTE]
also thank you for your suggestion
Click to expand...
Yes, I'll see what I can do.

Regards, CRUEL-MODZ
 
Upvote 0 Downvote
todo10 said:
A member with no permissions to post links was able to bypass the filter by inserting the link in the quote:

Code: 
[QUOTE="Mandy Onderwater, post: 31475, member: 3896"]
Ahh, this is a topic I sadly don't know anything about. We always hired a professional (or asked experienced neighbours for help). Our house always had roof tiles though, and that's something we did ourselves. We kept a stack of spare tiles behind the shed [URL='https://liferaplumbing.ca/plumber-vancouver/'][COLOR=rgb(0, 0, 0)]learn more[/COLOR][/URL], for anytime one broke and/or fell during storms. Especially as they stopped making that particular type, haha.

Something people also forget to consider is; do you still feel safe (and/or fit enough) to go on a ladder and onto your roof. If the potential harm is not worth it to you, definitely hire someone.

It sounds like an "easy" job. But just because it [I]sounds[/I] easy, doesn't mean it [I]is [/I]easy.
[/QUOTE]
also thank you for your suggestion
Click to expand...
I don't have this problem on Xen-Soluce and on my localhost :/ have you configured the authorizations correctly?
 
Upvote 0 Downvote
Personally it works well on xen-soluce, you can test here to send a link you will not be able to
 
Upvote 0 Downvote
CRUEL-MODZ said:
Personally it works well on xen-soluce, you can test here to send a link you will not be able to
Click to expand...
Unfortunately no, I can't reproduce the bug here but the user actually doesn't have permissions to post links and he is able to post them so there is something going on. I can give you access to the forum so you can have a look.

A new user was able to bypass the link check again so it's happening on the latest addon version
 
Upvote 0 Downvote
CRUEL-MODZ said:
Yes give me access so I can test this
Click to expand...
Yes, the user was able to post again.

This is the post he made:
selfsufficientculture. com/threads/best-way-to-infuse-thyme-into-simple-syrup.4041/post-31842

I don't know how he does it. Apparently he post and then quotes the post and add the link, maybe he is able to bypass the spam filter by quoting a message and inserting the link inside it.
 
Upvote 0 Downvote
I don't understand, the option was already deactivated:
1743279095665.png
So yes I could post a message with a link, I activated the option is I can not post :
1743279177209.png
1743279182921.png
 
Upvote 0 Downvote
That was wrong in terms of UI/UX then, it's definitely confusing. I, as an admin, couldn't post a link so I didn't understand why this user was able.
 
Upvote 0 Downvote
You must log in or register to reply here.

Recommended Similar Threads

SyTry
Add-on [Xen-Soluce] User Moods Manager 2.3.0 Fix 2
Replies
0
Views
26
SyTry
SyTry
B
  • Solved
Solved Compatibility issue with Gift Upgrades add-on
Replies
2
Views
73
Blackhat
B
SyTry
Add-on [Xen-Soluce] SEO Optimization 2.7.0 Fix 4
Replies
0
Views
55
SyTry
SyTry
SyTry
Add-on [Xen-Soluce] Predefined Tags 2.3.0 Fix 1
Replies
0
Views
71
SyTry
SyTry
CRUEL-MODZ
Add-on [Xen-Soluce] DM Auto Reply
Replies
0
Views
91
CRUEL-MODZ
CRUEL-MODZ
Back
Top Bottom